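#!/bin/bash
#
# Ruleset 1
# Allow INCOMING protocols: HTTP, POP, IMAP, SSH
#
# Each protocol rule appends a DROP target to the mangle INPUT chain guarded by
# the out-of-tree `ipcontext` match (port, protocol name, payload regexp,
# logging on, direction 1). What ipcontext compares the regexp against is
# defined by that module, not by this script. NOTE(review): the header says
# "allow" while every target is DROP, so presumably the match fires on traffic
# that does NOT look like the expected protocol on that port — confirm against
# the module's documentation before relying on the ruleset.
#
# The script must fail fast: without it a rule that iptables rejects is simply
# skipped, leaving the chain in a partial state while the script exits 0.
set -euo pipefail

# Print a diagnostic to stderr and abort.
die() { printf '%s\n' "$*" >&2; exit 1; }

#######################################
# Append one ipcontext-guarded DROP rule to the mangle INPUT chain.
# Arguments: $1 - port passed as --ipcontext_port
#            $2 - protocol name passed as --ipcontext_protocol
#            $3 - payload regexp passed as --ipcontext_regexp (verbatim)
# Outputs:   nothing on success; iptables' own diagnostics on stderr
# Returns:   exits the script via die if iptables rejects the rule
#######################################
add_ipcontext_drop() {
  local port=$1 proto=$2 regexp=$3
  # Built as an array so the regexp reaches iptables as exactly one argument.
  local -a rule=(
    -t mangle -A INPUT -j DROP
    -m ipcontext
    --ipcontext_port "$port"
    --ipcontext_protocol "$proto"
    --ipcontext_regexp "$regexp"
    --ipcontext_log
    --ipcontext_dir 1
  )
  iptables "${rule[@]}" || die "failed to add ipcontext rule for ${proto}/${port}"
}

# HTTP
add_ipcontext_drop 80 http 'http/(0\.9|1\.0|1\.1)'

# POP
# NOTE(review): the leading "|" is an empty alternative, so this regexp matches
# any payload; kept as written — confirm whether '^(\+ok .*pop)' alone was meant.
add_ipcontext_drop 110 pop '|^(\+ok .*pop)'

# IMAP
add_ipcontext_drop 143 imap '^\* OK'

# SSH
add_ipcontext_drop 22 ssh '^ssh-[12]\.[0-9]'

# default rule: drop TCP whose *source* port is not one of the four above.
# "--sports !" is the legacy inline-negation form; current iptables expects
# "! --sports 80,110,143,22" — kept as written for the iptables build this
# ruleset was authored against.
iptables -t mangle -A INPUT -p tcp -m multiport --sports ! 80,110,143,22 -j DROP \
  || die "failed to add default source-port rule"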

